public async Task <JsonResult> SignUpUser(OAuth2UserIdentity userIdentity) { ServiceResponse response = default(ServiceResponse); using (Session session = ApplicationModel.Current.CreateSession(new SecurityToken(this.HttpContext.Request.Url.Host, this.HttpContext.User.Identity.Name))) { try { IDataPortal portal = DependencyInjection.Get <IDataPortal>(); OAuth2UserIdentity value = portal.SignUpUser(userIdentity); // Set the status on HTTP and response level. if (value == null) { HttpContext.Response.StatusCode = (int)HttpStatusCode.NotFound; } ResponseStatus status = value == null ? ResponseStatus.NO_DATA : ResponseStatus.OK; response = new ServiceDataResponse(RestVersion0100Controller.API_VERSION, status, value); } catch (Exception ex) { HttpContext.Response.StatusCode = (int)HttpStatusCode.BadRequest; response = new ServiceErrorResponse(RestVersion0100Controller.API_VERSION, ResponseStatus.ERROR, new ServiceError(ex)); } } return(this.Json(response)); }
/// <summary> /// Determines whether a given set of resource owner credentials is valid based on the authorization server's user database /// and if so records an authorization entry such that subsequent calls to <see cref="M:DotNetOpenAuth.OAuth2.IAuthorizationServerHost.IsAuthorizationValid(DotNetOpenAuth.OAuth2.ChannelElements.IAuthorizationDescription)" /> would /// return <c>true</c>. /// </summary> /// <param name="userName">Username on the account.</param> /// <param name="password">The user's password.</param> /// <param name="accessRequest">The access request the credentials came with. /// This may be useful if the authorization server wishes to apply some policy based on the client that is making the request.</param> /// <returns> /// A value that describes the result of the authorization check. /// </returns> public AutomatedUserAuthorizationCheckResponse CheckAuthorizeResourceOwnerCredentialGrant(string userName, string password, IAccessTokenRequest accessRequest) { IOAuth2AuthorizationStoreAgent agent = DependencyInjection.Get <IOAuth2AuthorizationStoreAgent>(); var user = agent.GetUser(userName, password); // We use a fixed username and password to determine if the username/password combination is correct. var userCredentialsAreCorrect = user != null; // Add the user's scopes. IList <OAuth2Scope> scopes = agent.GetUserScopes(userName); scopes.Select(x => x.Code).ToList().ForEach(x => { accessRequest.Scope.Add(x); }); OAuth2UserIdentity userIdentity = agent.GetUserIdentity(userName); var _userIdentity = userIdentity.ToDataTransferValue(); accessRequest.ExtraData.Add(new KeyValuePair <string, string>("userIdentity", JsonConvert.SerializeObject(_userIdentity))); // The token request is approved when the user credentials are correct and the user is authorized for the requested scopes var isApproved = userCredentialsAreCorrect && UserIsAuthorizedForRequestedScopes(userName, accessRequest.Scope); return(new AutomatedUserAuthorizationCheckResponse(accessRequest, isApproved, userName)); }
public OAuth2UserIdentity GetUserIdentity(IEntityContext context, string identifier) { OAuth2UserIdentity entity = null; using (IOAuth2UserIdentityRepository repository = DependencyInjection.Get<IOAuth2UserIdentityRepository>(InjectionParameter.Create("context", context))) { var subQuery = QueryOver.Of<OAuth2User>() .Where(x => x.Identifier == identifier) // Just keep the USER.ID to use in the query. .Select(t => t.ID); var userIdentityQuery = repository.Query() .Fetch(x => x.User.UserScopes).Eager .WithSubquery.WhereProperty(x => x.User.ID).In(subQuery) .TransformUsing(Transformers.DistinctRootEntity) .Future<OAuth2UserIdentity>(); OAuth2UserIdentity userIdentity = userIdentityQuery.SingleOrDefault(); if (userIdentity != null) entity = userIdentity; } return entity; }
public OAuth2UserIdentity GetUserIdentity(string identifier) { OAuth2UserIdentity entity = null; using (IEntityContext context = DependencyInjection.Get<IEntityContext>()) { entity = this.GetUserIdentity(context, identifier); context.Commit(); } return entity; }
/// <summary> /// Sign up a new <see cref="OAuth2User"/> account. /// </summary> /// <param name="user">The <see cref="OAuth2User"/> data transfer object.</param> /// <returns>The registered <see cref="OAuth2User"/> account.</returns> public DataTransfer.OAuth2UserIdentity SignUpUser(OAuth2UserIdentity userIdentity) { DataTransfer.OAuth2UserIdentity value = UnitOfWork.Execute <DataTransfer.OAuth2UserIdentity>(() => { IOAuth2AuthorizationStoreAgent agent = DependencyInjection.Get <IOAuth2AuthorizationStoreAgent>(); Domain.Entity.OAuth2UserIdentity _userIdentity = userIdentity.ToEntity(); Domain.Entity.OAuth2UserIdentity entity = agent.SignUpUser(_userIdentity); DataTransfer.OAuth2UserIdentity _value = entity.ToDataTransferValue(); return(_value); }); return(value); }
public OAuth2UserIdentity SignUpUser(OAuth2UserIdentity entity) { using (IEntityContext context = DependencyInjection.Get<IEntityContext>()) { using (IOAuth2UserRepository repository = DependencyInjection.Get<IOAuth2UserRepository>(InjectionParameter.Create("context", context))) { IList<OAuth2Scope> scopes = repository.Context.Query<OAuth2Scope>() .Where(x => x.Code == "application.role.user.default") .List(); bool isValidIdentifier = this.IsValidEmail(entity.User.Identifier); if (isValidIdentifier) { OAuth2User user = new OAuth2User(); user.ID = Guid.NewGuid(); user.Identifier = entity.User.Identifier; user.Password = entity.User.Password; user.CreationTimestamp = DateTime.UtcNow; user.ValidFrom = DateTime.UtcNow; user.ValidUntil = new DateTime(DateTime.Parse("2100-01-01").Ticks, DateTimeKind.Utc); repository.Context.AddOrUpdate(user); Identity identity = new Identity(); identity.ID = Guid.NewGuid(); identity.FirstName = entity.Identity.FirstName; identity.Name = entity.Identity.Name; identity.Locale = entity.Identity.Locale; repository.Context.AddOrUpdate(identity); OAuth2UserScope userScope = new OAuth2UserScope(); userScope.ID = Guid.NewGuid(); userScope.Scope = scopes.Single(); userScope.User = user; userScope.CreationTimestamp = DateTime.UtcNow; userScope.ValidFrom = DateTime.UtcNow; userScope.ValidUntil = new DateTime(DateTime.Parse("2100-01-01").Ticks, DateTimeKind.Utc); repository.Context.AddOrUpdate(userScope); OAuth2UserIdentity userIdentity = new OAuth2UserIdentity(); userIdentity.ID = Guid.NewGuid(); userIdentity.User = user; userIdentity.Identity = identity; userIdentity.CreationTimestamp = DateTime.UtcNow; userIdentity.ValidFrom = DateTime.UtcNow; userIdentity.ValidUntil = new DateTime(DateTime.Parse("2100-01-01").Ticks, DateTimeKind.Utc); repository.Context.AddOrUpdate(userIdentity); } else { throw new Exception("Invalid e-mail address."); } } context.Commit(); } Domain.Entity.OAuth2UserIdentity _entity = this.GetUserIdentity(entity.User.Identifier); return _entity; }